Each time this comes across my feed, there's a brief period of excitement - "oh yeah, we're getting a new not-Unix microkernel backed by a major company!" A few moments later I remember that it's being written in C++ and is basically the evolution of Chrome OS and the mood dampens. I'm still be waiting for the next truly innovative OS to show up and poise itself to become ubiquitous. Unfortunately I don't have much faith in Fuschia, especially after poking around in Chromium.
In the spirit of HN though this comment basically guarantees its success, right?
What language would satisfy you?
Just C. Rust has a lot of problems for serious low level work imo and suffers from a lot of the same classes of problems C++ does, and there aren't many other candidates. A simple microkernel should be fairly straightforward to write in C without any big security concerns, especially in the hands of a multi-billion dollar company. You offload most of the security work to the architecture.
> Rust has a lot of problems for serious low level work
Could expand on where it suffers? I've been playing around with Rust in the embedded space (nothing serious at all); I find it to be as elegant in a nonstd situation as it is in standard high level app development.
> and suffers from a lot of the same classes of problems C++ does,
What are those classes of problems? C++ never offered a safe alternative to C, but did offer some eases of use and stronger typing over C.
Rust on the other hand has a huge amount to offer over C. At no point in my Rust work do I ever wish I was working with C, quite the contrary. But I like strongly typed languages, Rust is definitely not for those that dislike types.
>Could expand on where it suffers? I've been playing around with Rust in the embedded space (nothing serious at all); I find it to be as elegant in a nonstd situation as it is in standard high level app development.
By "the embedded space" do you mean "devices running Linux with Rust in userspace?" Because that's much higher level than what I'm talking about, and has very different design concerns from those of a general purpose operating system.
My main beef with Rust for low level development is that Rust is way more complicated than it should be. IMO for serious low level programming Rust should have 1/10th the featureset. It also has issues dealing with the weird data structures that tend to come up in low level contexts in my experience. Rust also has the shiny fad status working against it IMO. If, say, 5% of C hackers understand low level programming and/or kernel hacking, then maybe 0.5% of Rust hackers do (if that).
>What are those classes of problems? C++ never offered a safe alternative to C, but did offer some eases of use and stronger typing over C.
It comes back to complexity and typing. There's nothing wrong with strongly typed languages (of which C is a member), but I strongly dislike object oriented languages and paradigms. Especially in low level contexts it's like forcing a square peg into a round hole. Other features C++ brings to the table like operator overloading and templates are antifeatures, doubly so in a kernel hacking context. Many of the same patterns of unnecessary complexity introduced by C++ are also present in Rust.
C is boring, but it's also transparent and straightforward. Ergonomics takes a backseat to simplicity in C, which is a compromise I'd take any day.
> By "the embedded space" do you mean "devices running Linux with Rust in userspace?"
No, I mean TockOS with the Hail dev board: https://www.tockos.org/blog/2017/introducing-hail/
> Rust is way more complicated than it should be
People often make this statement, but I don't know exactly what it means. The type system is great for writing finite state machines, which I'm finding to be a nice quality for the toy programs I've written on Tock.
> Rust also has the shiny fad status working against it IMO.
Rust is 2 years into it's stable life. It's young, will it ever exceed the number of lines written than C or C++, almost definitely not, but I wouldn't dismiss it off-hand because people like it, there might be a good reason for that.
> If, say, 5% of C hackers understand low level programming and/or kernel hacking, then maybe 0.5% of Rust hackers do (if that).
I wonder about this statement. I've noticed quite a large number of people in the community working with Rust in the embedded space. According to the people who responded to the Rust survey this year, https://blog.rust-lang.org/2017/09/05/Rust-2017-Survey-Resul..., it was nearly 17%.
> C is boring
I've met more undefined behavior that makes me not agree.
> and straightforward.
:/
>No, I mean TockOS with the Hail dev board: https://www.tockos.org/blog/2017/introducing-hail/
So more of the "Arduino like" embedded space. That also has little to do with the design constraints of a general purpose operating system.
>People often make this statement, but I don't know exactly what it means. The type system is great for writing finite state machines, which I'm finding to be a nice quality for the toy programs I've written on Tock.
Rust gets new features daily [1]. C gets new features every decade if we're lucky.
>I wonder about this statement. I've noticed quite a large number of people in the community working with Rust in the embedded space. According to the people who responded to the Rust survey this year, https://blog.rust-lang.org/2017/09/05/Rust-2017-Survey-Resul..., it was nearly 17%.
Embedded space != kernel hacking, as I've already pointed out.
Does it not? It's the same issue around no-stdlib, stricter sense of allocated memory, etc. If it isn't something that I can extrapolate from you'll have to explain better why. It's been a while since my CS courses on operating systems.
> Rust gets new features daily [1]. C gets new features every decade if we're lucky.
Yes, this is an age thing. I'm sure in it's infancy, C was gaining features and changing rapidly. For example, C changed significantly early on it's syntax from K&R to Ansi. C compilers have to support that.
It's reasonable to say that the language isn't ready for your use, but the features that are being gained are all related to areas around ease of use of the language, making it easier to get started and lower the initial learning curve. They seem important. By the way, you linked to the RFC repo instead of the language repo: https://github.com/rust-lang/rust/commits/master. The language does have a lot of features that make it into the nightly branch, but those take a long time to bake until they're promoted to stable.
> Embedded space != kernel hacking, as I've already pointed out.
I thought we were talking about low-level programming, not explicitly Kernel hacking. Yes, Arduino and it's ilk are definitely not full OS'.
For actual Kernel hacking in Rust, there is:
- https://github.com/redox-os/redox
- https://intermezzos.github.io/book/
All of those projects seem very interesting. For Linux drivers, there was this exploratory project I saw a while back: https://github.com/tsgates/rust.ko (hasn't been touched in a while).
So people are doing it and seem to be enjoying it.